Sunday, January 28, 2018

Yesterday I began writing about the recent Coincheck hack and the resulting theft of NEM coins as a way of introducing the key distinction between an exchange getting hacked and the frequent misrepresentation of such events, which often is portrayed as "Bitcoin being hacked."

When I began writing on this topic yesterday, I described the hacking of an exchange versus the mistaken notion some have that Bitcoin is what gets hacked in such an event as being like someone simply taking paper currency notes out of your wallet, rather than them somehow changing the nature of the notes themselves to make them disappear from your wallet. Then I described an exchange as being like a closet full of wallets kept behind a locked door, which someone could pick and gain access to the wallets. That is exactly what happened here.

If you've patronized a business that accepts Bitcoin, you've probably seen one of these near their register. It's a QR code that a Bitcoin payment app can scan to input the merchant's payment address into the app, to which you send the appropriate amount of Bitcoins from your wallet. This is what is known as the "public key" of a Bitcoin address that leads to a Bitcoin wallet, and with it you can look into the wallet associated with the address, see its balance, and when Bitcoin has arrived at and departed from it.

Sounds kind of weird, even insecure, maybe? You don't just leave your physical wallet (or purse) lying around, right? So why would you broadcast this information to the world?

But what if your physical wallet had a property to it where people could look in it all they want, but they couldn't remove anything from it?

In the realm of cryptocurrencies, this is all part of the code that drives it, which includes these public keys, but also another one, the private key.

When a Bitcoin wallet is generated (or any other crypto; the following is true of all of them, but I'll just refer to Bitcoin to keep things simple), a public key and a mathematically-related private key are simultaneously generated (they are in truth what a crypto wallet is). The private key is required in order to send Bitcoin from a wallet. Think of it like an extremely long PIN number associated with a debit card. Without that private key, Bitcoins cannot be removed from the associated wallet. This is why when you hear stories of "lost" Bitcoins, it's actually this key that has been lost, as the Bitcoins in the wallet associated with it stay put and are clearly visible to the entire world, but no one can reach them (worst of all, visible to but unreachable by their true owner).

The need for and the use of the private key is why coins kept on a crypto exchange can be vulnerable to theft. Because the private key is required to send Bitcoins from a wallet, in order for an exchange to facilitate the sends that their customers might order from their own wallets, the exchange must be in custody of the private keys of those wallets. This creates the potential for someone to break into the system and steal the private keys, and with those keys, steal the coins stored in the wallets that are hosted on the exchange (or in the case of Coincheck, "wallet," as they had everyone's NEM coins stored in one giant wallet).

So, as I've said previously, when an exchange gets hacked, it is not the stolen coin or its blockchain that has been hacked. They work just like they are supposed to: when the blockchain network receives instructions to send coins from one wallet to another, and the proper private key is used, the system works exactly like it is supposed to. It was the security failure on the part of the affected exchange that allowed the private keys to fall into the wrong hands, which is the root cause of the theft.

This is why many (myself included) recommend that you do not keep the bulk of your crypto currencies on exchanges. Just enough for immediate spending wants and needs, or for trading, should be kept in these so-called "hot wallets."

So if it's not a good idea to keep your cryptos on an exchange, where do you keep them? For that, you have several options. These are the most common:

Hardware wallets: these are special purpose electronic devices that can store cryptos on them, also providing wallet address management, such as generating new wallets and moving your cryptos into them, all on the device itself, so that your coins become a "moving target" on the blockchain. Hardware wallets keep a firewall of sorts between themselves and the computers they are attached to such that the private keys are never transmitted to the computer, only signed transactions (sends), allowing them to be used even on untrusted computers with a high degree of security. Downsides: a special purpose physical device like this can become lost or damaged (though there are ways to recover your wallet(s) to a new device), they demonstrate that you probably own Bitcoins (might be an issue at a border crossing, for example), and they cost a bit. Some popular examples: Trezor, Ledger Nano S. This is the storage method that I'm planning to go with in the near future.

Software wallets: this is a wallet hosted on your computer, tablet, smart phone, etc, facilitated by a wallet app like Mycelium. These apps store and manage private keys within them, with varying degrees of security sophistication, and while more secure than the "custodial wallets" of exchanges, being directly connected to the internet does introduce some vulnerability. This is a reduced risk given the fact that a hacker would have to attack your device directly, which is a "needle in a haystack" sort of proposition that it unlikely to interest them, given the time involved, the difficulty, and the "small fish" that you represent relative to an exchange. All the same, the most obvious downside is that this kind of wallet could be hacked, so they should be treated as a "hot wallet" in which you only keep enough of your coins for near-term, anticipated uses.

Paper wallets or "cold storage": This is exactly what it sounds like, a crypto storage "device" made of paper. It is simply a paper printout of the address and QR code of both the public key and the private key of a crytocurrency wallet, to which the owner sent coins at some point. Because the private key only exists offline, there is simply no way to steal coins from this kind of wallet without physically obtaining the paper the private key is on. They are generated by websites that can be run in offline mode, by smartphone apps, etc., which are typically one-time events that are not stored in the memory of the device used to generate them. Bitcoins kept in this way must be "swept" into a hot wallet account in order to use them, typically by using a software wallet app like the one mentioned above, which is as easy as scanning the QR code on the private key paper and moving the balance of the coins to that new hot wallet. The potential downsides here are interception of the private key upon generation if the device used to generate the wallet is compromised, retrieval of the private key by a hacker from the memory of the printer, etc. All of these possible attacks, the probability of which are remote, require that appropriate precautions be taken before and after generating and printing the new wallet. The biggest downside, however, is more ordinary stuff: because the private key is on a piece of paper, it is vulnerable to fire, water, theft, cats, etc. You can mitigate this risk by keeping multiple copies of your private key in water-resistant containers, locked up at secure sites that you can remember (mine are kept in ziplock bags under lock and key in public places where anyone attempting to coerce me into giving them the key would be surrounded by dozens of witnesses, plus I'm usually armed).

If you've been thinking about getting into Bitcoin, Litecoin, etc. but have hesitated because of these "Bitcoin hacks" you've probably heard of, hopefully this information helps you better understand what is really going on by separating facts from headlines. Cryptos are decentralized systems, meaning "The Man" is not in charge, and as such securing your coins and using them wisely is entirely upon you. This is the tradeoff for the liberty that cryptocurrencies offer: they require individual responsibility. That said, it's not as hard as it might sound to protect your coins, it's just that the FUDsters out there love to make it sound like it is.